Wednesday 30 October 2013

ELA_28_Common_Network_Utilities

Common Network Utilities:

Features:
1. Determine if remote host is up/available: 'ping'
2. Determine if local/remote service is available: 'telnet'
3. Determine network sockets stats/connections: 'netstat'
4. View L2 information: 'arp'
5. View path taken by packets to remote system: 'traceroute'
6. Hostname-to-IP and reverse resolution: 'nslookup', 'dig'
7. Learn more information about an IP and/or block: 'whois'
Tasks:
1. Explore Packet Internet Groper (PING)
a. 'ping -c 3 192.168.0.100 -s 32' - sends 32 bytes + 8 bytes (ICMP overhead)
b. 'ping -c 3 -i 3 192.168.0.100' - sends 3 packets of 56 bytes, one every 3 seconds, to the target.
Note: PING may be blocked by L3 devices on your network and/or the Internet
2. Telnet - Don't use for TTY access to remote host. Use SSH. Use telnet to test port-accessibility.
a. 'telnet 192.168.0.50' - Install if necessary using yum.
3. Netstat - reveals TCP, UDP and Unix sockets (read from '/proc/net')
a. 'netstat -a' - dumps all sockets with: service/port and hostname resolution
b. 'netstat -an' - same as above, but suppresses name resolution
c. 'netstat -ntl' - suppresses name resolution, shows only TCP sockets, and Listeners
d. 'netstat -ntlp' - same as above, includes programs bound to ports
Note: Use the '-p' option as root to reveal ALL programs
Note: ':::514' - means that port is bound to ALL IPv6 addresses configured on the host
Note: '0.0.0.0:514' - means that port is bound to ALL IPv4 addresses configured on the host
e. 'netstat -i'
f. 'netstat -nulp' - returns ALL UDP listeners
g. 'netstat -rn' - returns kernel routing table

4. ARP - Address Resolution Protocol
a. 'arp -a || arp -e'
Note: ARP is usually self managing.

5. Traceroute - follows path taken by packets across the network (Intra/Internet)
a. 'traceroute 192.168.0.100'
b. 'traceroute www.hindux.com'

6. 'nslookup'
a. 'nslookup www.hindux.com'
DNS client tools use: '/etc/resolv.conf' to determine which DNS servers to query

7. 'dig'
a. 'dig www.hindux.com'
b. 'dig -x 192.168.0.100' - performs a reverse lookup
c. 'dig hindux.com mx'

8. 'whois' - Finds IP/domain ownership information
a. 'whois hindux.com'
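
The bind-address notes under Netstat (task 3) are what matter when auditing a host's exposure: a listener on '0.0.0.0' or '::' is reachable on every configured address. The script below is an added example, not part of the original post; it classifies each listener in 'netstat -ntlp' / 'netstat -nulp' output by bind scope. The function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify listeners from 'netstat -ntlp' / 'netstat -nulp' output.

# Constructed sample output (not captured from a real host).
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address      Foreign Address    State    PID/Program name
tcp        0      0 0.0.0.0:22         0.0.0.0:*          LISTEN   1234/sshd
tcp        0      0 127.0.0.1:25       0.0.0.0:*          LISTEN   1500/master
tcp        0      0 192.168.0.50:80    0.0.0.0:*          LISTEN   1710/httpd
tcp        0      0 :::514             :::*               LISTEN   1100/rsyslogd
udp        0      0 0.0.0.0:514        0.0.0.0:*                   1100/rsyslogd
udp        0      0 ::1:323            :::*                        -
EOF
}

# Reads netstat output on stdin; prints "scope proto port program" per listener.
classify_listeners() {
  awk '
    $1 !~ /^(tcp|udp)/ { next }                  # skip banner and column header
    $1 ~ /^tcp/ && $6 != "LISTEN" { next }       # TCP: keep listeners only
    {
      host = $4; sub(/:[^:]*$/, "", host)        # drop ":port" after the last colon
      port = $4; sub(/.*:/, "", port)            # keep what follows the last colon
      prog = ($1 ~ /^tcp/) ? $7 : $6             # UDP rows have no State column
      if (prog == "") prog = "-"                 # column is absent without -p
      if (host == "0.0.0.0")                     scope = "all-ipv4"
      else if (host == "::")                     scope = "all-ipv6"
      else if (host ~ /^127\./ || host == "::1") scope = "loopback"
      else                                       scope = "specific"
      print scope, $1, port, prog
    }'
}

# Only the sockets bound to every configured address.
wildcard_listeners() {
  classify_listeners | awk '$1 ~ /^all-/'
}

sample_netstat | classify_listeners
```

On a live host, run 'netstat -ntlp | wildcard_listeners' as root so the program column is populated for every socket.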
